I've read your configuration file and there's some stuff I don't understand
very well.

I have put numbers on each line so I can make the point a little clearer

You have:

># Open up *valid* ports to remote connection, DNS, HTTP, FTP
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 7
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 9
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 13
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 20
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 21
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 53
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 80
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 7
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 9
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 13
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 20
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 21
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 53
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 80
>ipchains -A input -j ACCEPT -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 518

># Open up SMTP port only to ISP's Mail Punts
>ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 194.217.242.0/24 -d 0.0.0.0/0 25

and then suddenly you have:

>ipchains -A input -j DENY -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 1:1023 -l
>ipchains -A input -j DENY -p udp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 1:1023 -l

So you deny everything that you opened just one millisecond before... and
you are not opening ports TO a remote site, you are allowing remote sites TO
access YOUR ports... or where have I missed the point?

># Allow any remote connections to the PPP address
>ipchains -A input -j ACCEPT -i ppp0 -s 0.0.0.0/0 -d 194.222.168.226

If you have -i ppp0, is it necessary to specify the destination address too??
I don't have a static IP on my ppp.


># Stop Outbound packets from PPP going to Local Net (Routing Problems)
>ipchains -A output -j DENY -i ppp0 -s 0.0.0.0/0 -d 192.168.0.0/16 -l

># Stop Outbound packets from Local Net going across PPP (Masquarding Problems)
>ipchains -A output -j DENY -i ppp0 -s 192.168.0.0/16 -d 0.0.0.0/0 -l

You have already set a policy of DENY for output packets, why DENY it
then once more?? Why not DENY all this stuff at the forward chain?

># No Masquarding between local computers
>ipchains -A forward -j ACCEPT -s 192.168.0.0/16 -d 192.168.0.0/16
>ipchains -A forward -j MASQ -s 192.168.0.0/16 -d 0.0.0.0/0

What do you mean by "No Masquerading between local computers"? If I have

ipchains -A forward -i ppp0 -s 192.168.0.0/16 -j MASQ

does the problem go away this way?

I have a lot more questions about your script... but I think these were the
most important for me.

I hope you understand my movie-learned English :)

Bye

> Hi,
>
> I'm not running DSL but, if you have a look at my scripts you will be able
> to see exactly what you need to do, if you have any further questions,
> come back to me.
>
> Andy
>
>
>

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
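
Added example, not part of the original message or of the script it quotes: a small Python model of how ipchains walks a chain, top to bottom with the first matching rule deciding the packet's fate, run over three of the quoted input rules. The 203.0.113.5 source address, the source port, the `packet` helper and the DENY chain policy are assumptions made for the illustration.

```python
import ipaddress, shlex
# Three rules copied from the quoted script, in their original order.
SCRIPT = """\
ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 80
ipchains -A input -j ACCEPT -p tcp -i ppp0 -s 194.217.242.0/24 -d 0.0.0.0/0 25
ipchains -A input -j DENY -p tcp -i ppp0 -s 0.0.0.0/0 -d 0.0.0.0/0 1:1023 -l
"""
SIMPLE = {"-A": "chain", "-j": "target", "-p": "proto", "-i": "iface"}
ANY = ipaddress.ip_network("0.0.0.0/0")

def parse_rule(line):
    """Parse one 'ipchains -A ...' line into a dict of match fields."""
    tok = [t for t in shlex.split(line)[1:] if t != "-l"]  # -l only logs
    rule = {"proto": None, "iface": None, "-s": (ANY, None), "-d": (ANY, None)}
    i = 0
    while i < len(tok):
        opt = tok[i]
        if opt in SIMPLE:
            rule[SIMPLE[opt]], i = tok[i + 1], i + 2
        elif opt in ("-s", "-d"):
            net, ports, i = ipaddress.ip_network(tok[i + 1]), None, i + 2
            if i < len(tok) and not tok[i].startswith("-"):  # port or lo:hi
                lo, _, hi = tok[i].partition(":")
                ports, i = (int(lo), int(hi or lo)), i + 1
            rule[opt] = (net, ports)
        else:
            raise ValueError(f"option not handled in this example: {opt}")
    return rule

def matches(rule, pkt):
    """True when every field the rule specifies agrees with the packet."""
    if any(rule[k] and rule[k] != pkt[k] for k in ("chain", "proto", "iface")):
        return False
    for opt, addr, port in (("-s", "src", "sport"), ("-d", "dst", "dport")):
        net, ports = rule[opt]
        lo, hi = ports or (0, 65535)
        if ipaddress.ip_address(pkt[addr]) not in net or not lo <= pkt[port] <= hi:
            return False
    return True

RULES = [parse_rule(line) for line in SCRIPT.splitlines()]
def verdict(pkt, policy="DENY"):
    """First matching rule decides; the policy (assumed DENY) is the fallback."""
    hits = ((r["target"], n) for n, r in enumerate(RULES, 1) if matches(r, pkt))
    return next(hits, (policy, None))

def packet(src, dport):  # constructed sample packet arriving on ppp0
    return {"chain": "input", "proto": "tcp", "iface": "ppp0", "src": src,
            "sport": 40000, "dst": "194.222.168.226", "dport": dport}
```

`verdict(packet(src, dport))` returns the target and the 1-based number of the rule that decided it, or the policy and `None` when no rule matched.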
